83 lines
1.6 KiB
YAML
83 lines
1.6 KiB
YAML
---
|
|
|
|
# SSL CERTS
|
|
- name: Install SSL certificates
|
|
copy:
|
|
src: ssl/
|
|
dest: /etc/ssl/private/
|
|
directory_mode: "u=rwx,g=rx,o="
|
|
mode: "u=rw,g=r,o="
|
|
owner: root
|
|
group: root
|
|
|
|
# Non-local binding
|
|
- name: Install 99-nonlocalbind.conf in /etc/sysctl.d
|
|
copy:
|
|
src: 99-nonlocalbind.conf
|
|
dest: /etc/sysctl.d
|
|
backup: no
|
|
|
|
- name: Install ipv6-nonlocalhack.service
|
|
copy:
|
|
src: ipv6-nonlocalhack.service
|
|
dest: /etc/systemd/system/ipv6-nonlocalhack.service
|
|
backup: no
|
|
|
|
- name: Start ipv6-nonlocalhack.service
|
|
service:
|
|
name: ipv6-nonlocalhack
|
|
state: running
|
|
|
|
# HAPROXY
|
|
- name: Install haproxy
|
|
package:
|
|
name: haproxy
|
|
state: latest
|
|
|
|
- name: Install packages required to generate config
|
|
package: name={{ item }} state=latest
|
|
with_items:
|
|
- python-yaml
|
|
- python-mako
|
|
|
|
- name: Copy haproxy configuration generation
|
|
copy:
|
|
src: haproxy/
|
|
dest: /tmp/haproxy
|
|
backup: no
|
|
|
|
- name: Generate haproxy configuration
|
|
shell: python genconfig.py > /etc/haproxy/haproxy.cfg
|
|
args:
|
|
chdir: /tmp/haproxy/
|
|
|
|
- name: Restart haproxy
|
|
service:
|
|
name: haproxy
|
|
state: restarted
|
|
|
|
# KEEPALIVED
|
|
- name: Install keepalived
|
|
package:
|
|
name: keepalived
|
|
state: latest
|
|
register: keepalived_installed
|
|
|
|
- name: Stop keepalived
|
|
service:
|
|
name: keepalived
|
|
state: stopped
|
|
|
|
- name: Copy keepalived config
|
|
template:
|
|
src: keepalived.conf
|
|
dest: /etc/keepalived/keepalived.conf
|
|
backup: no
|
|
#register: keepalived_configuration
|
|
|
|
- name: Restart keepalived
|
|
service:
|
|
name: keepalived
|
|
state: restarted
|
|
#when: keepalived_configuration.changed
|